feature #27798 [Security] Use AuthenticationTrustResolver in SimplePreAuthenticationListener (nicolas-grekas)
This PR was merged into the 4.2-dev branch.
Discussion
----------
[Security] Use AuthenticationTrustResolver in SimplePreAuthenticationListener
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes (minor)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Minor, but would be consistent with how `ContextListener` checks for anonymous tokens.
Commits
-------
27b89cb [Security] Use AuthenticationTrustResolver in SimplePreAuthenticationListener
This commit is contained in:
Robin Chalas
commit
04b2c2db4f
@ -132,6 +132,7 @@
|
||||
<argument /> <!-- Authenticator -->
|
||||
<argument type="service" id="logger" on-invalid="null" />
|
||||
<argument type="service" id="event_dispatcher" on-invalid="null"/>
|
||||
<argument type="service" id="security.authentication.trust_resolver" />
|
||||
</service>
|
||||
|
||||
<service id="security.authentication.listener.x509" class="Symfony\Component\Security\Http\Firewall\X509AuthenticationListener" abstract="true">
|
||||
|
||||
@ -16,8 +16,11 @@ use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterfac
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
|
||||
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
|
||||
use Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
||||
@ -42,8 +45,9 @@ class SimplePreAuthenticationListener implements ListenerInterface
|
||||
private $logger;
|
||||
private $dispatcher;
|
||||
private $sessionStrategy;
|
||||
private $trustResolver;
|
||||
|
||||
public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, string $providerKey, SimplePreAuthenticatorInterface $simpleAuthenticator, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
|
||||
public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, string $providerKey, SimplePreAuthenticatorInterface $simpleAuthenticator, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, AuthenticationTrustResolverInterface $trustResolver = null)
|
||||
{
|
||||
if (empty($providerKey)) {
|
||||
throw new \InvalidArgumentException('$providerKey must not be empty.');
|
||||
@ -55,6 +59,7 @@ class SimplePreAuthenticationListener implements ListenerInterface
|
||||
$this->simpleAuthenticator = $simpleAuthenticator;
|
||||
$this->logger = $logger;
|
||||
$this->dispatcher = $dispatcher;
|
||||
$this->trustResolver = $trustResolver ?: new AuthenticationTrustResolver(AnonymousToken::class, RememberMeToken::class);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -78,7 +83,7 @@ class SimplePreAuthenticationListener implements ListenerInterface
|
||||
$this->logger->info('Attempting SimplePreAuthentication.', array('key' => $this->providerKey, 'authenticator' => get_class($this->simpleAuthenticator)));
|
||||
}
|
||||
|
||||
if (null !== $this->tokenStorage->getToken() && !$this->tokenStorage->getToken() instanceof AnonymousToken) {
|
||||
if ((null !== $token = $this->tokenStorage->getToken()) && !$this->trustResolver->isAnonymous($token)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user